1 Hitachi ID Password Manager

Managing the User LifecycleAcross On-Premises andCloud-Hosted Applications

Integrated credential management:Passwords, security questions, certificates, tokens, smart cards and biometrics.

2 Agenda

• Introductions.• Hitachi ID corporate overview.• Hitachi ID Suite overview.• Password problems and Hitachi ID Password Manager benefits.• The Password Manager solution.• Password Manager competitive advantages• Software demonstration.

© 2020 Hitachi ID Systems, Inc. All rights reserved. 1

Slide Presentation

3 Hitachi ID corporate overview

Hitachi ID delivers access governanceand identity administration solutionsto organizations globally.Hitachi ID IAM solutions are used by Fortune500companies to secure access to systemsin the enterprise and in the cloud.

• Founded as M-Tech in 1992.• A division of Hitachi, Ltd. since 2008.• Over 1200 customers.• More than 14M+ licensed users.• Offices in North America, Europe and

APAC.• Global partner network.

© 2020 Hitachi ID Systems, Inc. All rights reserved. 2

Slide Presentation

4 Representative customers

© 2020 Hitachi ID Systems, Inc. All rights reserved. 3

Slide Presentation

5 Hitachi ID Suite

© 2020 Hitachi ID Systems, Inc. All rights reserved. 4

Slide Presentation

6 Integration with other IAM products

E/SSO

WebSSO/WebAM

Directory

Meta Directory

Virtual Directory

System of Record

CO

RE

IN

FR

AS

TR

UC

TU

RE

Automation

Self-service requests

Authorization workflow

Consolidated reporting

Auto-discovery

Reliable updates

Target connectors

Help desk integrations

Database replication

HitachiIDPassword Manager

HitachiIDIdentity Manager

HitachiIDGroup Manager

HitachiIDLogin Manager

HitachiIDOrg Manager

HitachiIDPrivileged Access Manager

HitachiIDPhone PW Manager

HitachiIDAccess Certifier

7 Problem: Too many passwords

Every login account has its own: Password complexity creates businessproblems:

• Password value.• User interface.• Strength rules.• Expiration date.

• High call volume :Users forget or lock out their passwords.This can be 30% of help desk workload.

• Sticky notes :Users write down their passwords andmay leave them in public view.

• Bad passwords :Users choose simple, easily guessedpasswords.

© 2020 Hitachi ID Systems, Inc. All rights reserved. 5

Slide Presentation

8 The HiPM solution

Hitachi ID Password Manager addresses the problems that arise from password complexity:

• Cost savings from simplified password management, rapid deployment, low TCO and fast ROI.• Improved security from strong authentication, policy enforcement.• Scalability to hundreds of thousands of users.• Flexibility to integrate with existing infrastructure.

© 2020 Hitachi ID Systems, Inc. All rights reserved. 6

Slide Presentation

9 HiPM features

Password synch:

• Reduce the number of passwords per user.

Self-service:

• Password change, reset and unlock.• Token or smart card PIN reset.• Unlock encrypted drive with forgotten pre-boot password.

Value-add:

• 2FA – built-in for all users, including via mobile app.• Federated access – replace other apps’ login screens.• Password vault – users can store unmanaged passwords.

Access from:

• PC browser or login screen.• At the office or off-site.• Smart phone app or self-service phone call.

Assisted service:

• Password, token PIN, intruder lockout.

Policy enforcement:

• Two-factor authentication for all users.• Password complexity, expiry, history.• Non-password authentication.

Managed enrollment:

• Security questions.• Login IDs.• Mobile phone numbers.

© 2020 Hitachi ID Systems, Inc. All rights reserved. 7

Slide Presentation

10 The Hitachi ID solution is flexible

Customize: Every aspect of the user interface

Integrate with: 120+ target system typesCall tracking systemsHR systemsAuthentication hardwareMeta directoriesIVR servers

Enforce: Password policyAuthentication rules

11 Active-active architecture

“Cloud”

Reverse

web

proxyVPN server

IVR server

Load

balancers

E-mail

system

Ticketing

system

HR

Hitachi ID

servers

Hitachi ID

servers

Firewalls

Proxy server

(if needed)

Mobile

proxy

SaaS apps

Managed

endpoints

Managed endpoints

with remote agent:

AD, SQL, SAP, Notes, etc

z/OS - local agent

MS SQL databases

Password synch

trigger systems

Native password

change

ManageMobile UI

AD, Unix, z/OS,

LDAP, iSeries

Validate pw

Replication

System of

record

Tickets

Notifications

and invitations

Data c

enter A

Data c

enter B

Remote

data

cente

r

TCP/IP + AES

Various protocols

Secure native protocol

HTTPS

© 2020 Hitachi ID Systems, Inc. All rights reserved. 8

Slide Presentation

12 Included connectors

Directories: Databases: Server OS – X86/IA64: Server OS – Unix: Server OS – Mainframe:

Active Directory and AzureAD; any LDAP; NIS/NIS+ andeDirectory.

Oracle; SAP ASE and HANA;SQL Server; DB2/UDB;Hyperion; Caché; MySQL;OLAP and ODBC.

Windows: NT thru 2016; Linuxand *BSD.

Solaris, AIX and HP-UX. RAC/F, ACF/2 and TopSecret.

Server OS – Midrange: ERP, CRM and other apps: Messaging & collaboration: Smart cards and 2FA: Access managers / SSO:

iSeries (OS400); OpenVMSand HPE/Tandem NonStop.

Oracle EBS; SAP ECC andR/3; JD Edwards; PeopleSoft;Salesforce.com; Concur;Business Objects and Epic.

Microsoft Exchange, Lync andOffice 365; LotusNotes/Domino; Google Apps;Cisco WebEx, Call Managerand Unity.

Any RADIUS service or SAMLIdP; Duo Security; RSASecurID; SafeWord; Vasco;ActivIdentity andSchlumberger.

CA SiteMinder; IBM SecurityAccess Manager; Oracle AM;RSA Access Manager andImprivata OneSign.

Help desk / ITSM: PC filesystem encryption: Server health monitoring: HR / HCM: Extensible / scriptable:

ServiceNow; BMC Remedy,RemedyForce and Footprints;JIRA; HPE Service Manager;CA Service Desk; AxiosAssyst; Ivanti HEAT;Symantec Altiris; Track-It!; MSSCS Manager and Cherwell.

Microsoft BitLocker; McAfee;Symantec EndpointEncryption and PGP;CheckPoint and SophosSafeGuard.

HP iLO, Dell DRAC and IBMRSA.

WorkDay; PeopleSoft HR;SAP HCM andSuccessFactors.

CSV files; SCIM; SSH;Telnet/TN3270/TN5250;HTTP(S); SQL; LDAP;PowerShell and Python.

Hypervisors and IaaS: Mobile management: Network devices: Filesystems and content: SIEM:

AWS; vSphere and ESXi. BlackBerry Enterprise Serverand MobileIron.

Cisco IOS PIX and ASA;Juniper JunOS andScreenOS; F5 BigIP; HPProcurve; Brocade Fabric OSand CheckPointSecurePlatform.

Windows/CIFS/DFS;SharePoint; Samba; HitachiContent Platform and HCPAnywhere; Box.com andTwitter.

Splunk; ArcSight; RSAEnvision and QRadar. AnySIEM supporting SYSLOG orWindows events.

Management & inventory:

Qualys; McAfee ePO andMVM; Cisco ACS;ServiceNow ITAM; HPUCMDB; Hitachi HiTrack.

13 Integration with custom apps

• Hitachi ID Password Manager easily integrates with custom, vertical and hosted applications usingflexible agents .

• Each flexible agent connects to a class of applications:

– API bindings (C, C++, Java, COM, ActiveX, MQ Series).– Telnet / TN3270 / TN5250 / sessions with TLS or SSL.– SSH sessions.– HTTP(S) administrative interfaces.– Web services.– Win32 and Unix command-line administration programs.– SQL scripts.– Custom LDAP attributes.

• Integration takes a few hours to a few days.• Fixed cost service available from Hitachi ID.

© 2020 Hitachi ID Systems, Inc. All rights reserved. 9

Slide Presentation

14 HiPM cost savings

Synchronization: Eliminates 60% to 90% of password problems.

Self-service reset: When adopted by 40% to 70% of users, diverts problem resolution awayfrom the help desk.

Assisted reset: Shortens remaining password reset HD calls by 50% or more, to about 1minute/call.

15 HiPM security benefits

Policy: Hitachi ID Password Manager can enforce over 50 password rules, on everysystem.

Synchronization: No need to write down multiple passwords.

Authentication: Users are identified before being allowed a HD password reset.

Delegation: Support staff no longer require administrative credentials.

Accountability: All password-related events logged.

Encryption: Sensitive data is sent and stored encrypted.

16 Rapid deployment and low TCO

Optimized to minimize effort: Using Hitachi ID Password Managertechnology:

• Password Manager:

– Initial deployment:1 – 2 months.

– Ongoing maintenance:0.25 – 0.5 FTE.

• Built-in discovery, mapping of IDs,entitlements.

• Managed user enrollment (e.g., Q&A).• Client software optional.• 120 connectors out of the box (more easy

to add).

© 2020 Hitachi ID Systems, Inc. All rights reserved. 10

Slide Presentation

17 High user adoption rates

• Password synchronization motivates users to use Hitachi ID Password Manager.• Automatically managed user enrollment:

– E-mail reminders.– Popup Web browsers.– Discretionary or mandatory registration.

• Hitachi ID provides best practices for adjusting help desk SLAs, developing promotional campaigns,marketing collateral and more.

• A very simple user interface is designed for novice and infrequent users.• Built-in tools measure registration, adoption, call volume trends, etc.

18 HiPM differentiation

The most features

• Manage all credentials:

– Passwords on directories, servers,apps, DBs.

– On-premises and SaaS.– Pre-boot passwords.– Smart cards and tokens.

• 2FA for all users.• Personal password vault.• Federated single sign-on (SAML IdP).• 120+ connectors included.

Always available

• Corporate PCs:

– Pre-boot unlock screen.– Windows/MacOSX login screen.– Desktop browser.

• Smart phone app.• Voice call to IVR.• At work and off-site.

Scalable

• Multi-master, active-active.• Load balanced, replicated.• Geographically distributed.• Multi-lingual.

The best ROI

• Reduce problem frequency

– Address root cause.– Don’t just download problem

resolution to users.

• Managed enrollment to maximizeadoption.

• Rapid deployment, minimal maintenance.

© 2020 Hitachi ID Systems, Inc. All rights reserved. 11

Slide Presentation

19 Summary

An integrated solution for managing credentials:

• Immediate security benefit: password policy, help desk caller authentication.• Low deployment cost, minimal ongoing investment, significant IT support savings.• Always accessible:

– Web browser on PC, phone or tablet.– Windows login prompt.– Pre-boot encryption password prompt.– Apps on iOS, Android.– Phone call / IVR.– Available at work and while off-site.

• 120+ connectors included.

Learn more at hitachi-id.com/password-manager

hitachi-id.com

500, 1401 - 1 Street SE, Calgary AB Canada T2G 2J3 Tel: 1.403.233.0740 E-Mail: sales@hitachi-id.com

Date: 2020-03-23 | 2020-03-23 File: PRCS:pres